CVE-2005-0691

SocialMPN modules.php - Remote File Inclusion Code Execution

Title source: manual

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-0691. PoCs published by y3dips.

AI-analyzed exploit summary This script tests for a remote file inclusion vulnerability in SocialMPN by sending a crafted HTTP request to a target URL. It checks if the response indicates a successful inclusion of a remote file.

Description

PHP remote file inclusion vulnerability in article mode for modules.php in SocialMPN allows remote attackers to execute arbitrary PHP code by modifying the name parameter to reference a URL on a remote web server that contains the code.

Exploits (1)

exploitdb SCANNER VERIFIED

by y3dips · perlwebappsphp

https://www.exploit-db.com/exploits/872

View Code ZIP pw:eip

This script tests for a remote file inclusion vulnerability in SocialMPN by sending a crafted HTTP request to a target URL. It checks if the response indicates a successful inclusion of a remote file.

Classification

Scanner 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Theoretical

Target: SocialMPN (version not specified)

No auth needed

Prerequisites: Target URL · Path to the remote file to include

MITRE ATT&CK

T1189 - Drive-by Compromise

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=111022633903239&w=2

Exploit, Vendor Advisory x_refsource_misc

http://waraxe.us/ftopic-542-0-days0-orderasc-.html

Scores

EPSS 0.0226

EPSS Percentile 80.7%

Details

Status published

Products (5)

socialmpn/socialmpn 1.2.1

socialmpn/socialmpn 1.2.2

socialmpn/socialmpn 1.2.3

socialmpn/socialmpn 1.2.4

socialmpn/socialmpn 1.2.5

Published Mar 06, 2005

Tracked Since Feb 18, 2026